Re: Unable to get Postfix to respond on port 465

2021-06-13 Thread @lbutlr
On 11 Jun 2021, at 09:15, Linda Pagillo wrote: > 465 inet n - n - - smtpd > -o syslog_name=postfix/smtps > -o smtpd_tls_wrappermode=yes This is incorrect. 465 should be set without a STARTTLS wrapper -o smtpd_tls_security_level=encrypt > -o smtpd_sasl

Re: Search for free MX Backup Service

2021-07-02 Thread @lbutlr
On 01 Jul 2021, at 23:54, Maurizio Caloro wrote: > > Searching any Service that offer free any possible MX Backup? MX backups are a legacy of 30-40 years ago when it was very common to have machines that only periodically connected to the Internet. There are many reasons they are a bad idea i

www.postfix.org site appears to be down.

2021-07-02 Thread @lbutlr
When going to https://www.postfix.org I get, after an invalid certificate error, > Apache Software Foundation Distribution Directory > > The directories linked below contain current software releases from the > Apache Software Foundation projects. Older non-recommended releases can be > found o

Re: ALPACA writeup

2021-08-14 Thread @lbutlr
On 10 Aug 2021, at 17:48, raf wrote: > Note: I'm not recommending this. I expect that the existing default > has been arrived at after much observation and careful thought. > But the option to do this is there if that's what you want. It may be worth testing, as the setting may date from days in

Re: ALPACA writeup

2021-08-14 Thread @lbutlr
> On 2021 Aug 14, at 12:27, Viktor Dukhovni wrote: > > On Sat, Aug 14, 2021 at 11:54:12AM -0600, @lbutlr wrote: > >> On 10 Aug 2021, at 17:48, raf wrote: >>> Note: I'm not recommending this. I expect that the existing default >>> has been arri

Re: Google spam...

2021-08-20 Thread @lbutlr
On 17 Aug 2021, at 15:35, Viktor Dukhovni wrote: > or (easier, but no idea whether this is effective), use an IMAP client > to move the message into the INBOX of a Gmail account, and then report > it as spam. When this has happened to me in the past I re-enable the POP import feature on gmail an

AUTH rate limit

2021-11-03 Thread @lbutlr
postfix/smtps/smtpd[5554] warning: AUTH command rate limit exceeded: 4 Where is this limit set? I looked through postconf -d | grep auth looking for something but did not find anything. -- You're so bad at doing acid!

Re: AUTH rate limit

2021-11-03 Thread @lbutlr
On 2021 Nov 03, at 04:08, Markus Schönhaber wrote: > 03.11.21, 10:53 +0100, @lbutlr: > >> postfix/smtps/smtpd[5554] warning: AUTH command rate limit exceeded: 4 >> Where is this limit set? I looked through postconf -d | grep auth looking >> for something but did no

[OT] "private" emails aliases

2022-01-10 Thread @lbutlr
Is there an existing system out there that integrates with postfix that makes it simple for a user to add 'private' email addresses that are aliased to their real email and also to then bitbucket the email? What I am thinking about is something where a user can request a new alias and get back

Re: [OT] "private" emails aliases

2022-01-21 Thread @lbutlr
On 2022 Jan 10, at 10:37, Benny Pedersen wrote: > On 2022-01-10 18:25, @lbutlr wrote: > >> I can think of some (messy) ways to do this, but before I start >> cobbling something together, I am hoping this is something someone has >> already done. > > why

Re: [OT] "private" emails aliases

2022-01-21 Thread @lbutlr
On 2022 Jan 11, at 03:15, Felix Ingram wrote: > For letting users create the aliases by sending mail, I'd have a look at > either the SMTP authentication delegation option: Postfix SMTP Access Policy > Delegation or an external content filter. Thanks, that sounds very promising. (Sorry for the

Fun and profit with mailq

2022-02-16 Thread @lbutlr
The man page on sendmail contains a small section on mailq which explains the display o family. While the postqueue man page says that postqueue -p implements the mailq command vi shows(). The only mention of 'hold' on either of these man pages is in the description of the mailq/postqueue -p ou

Re: Fun and profit with mailq

2022-02-16 Thread @lbutlr
On 2022 Feb 16, at 05:06, @lbutlr wrote: > What I would like to do is to execute a command that only returns output if > there are messages on hold On a related question, is there a way to tell postfix "put all outbound mail into the hold queue" so I can test some of this? I k

Re: Fun and profit with mailq

2022-02-16 Thread @lbutlr
On 2022 Feb 16, at 07:49, Viktor Dukhovni wrote: > Users who want an unsanitised form of the queue content should consume > JSON. This is why I need actual messages in the hold queue so I can test. I do prefer -j if for nothing else that it returns nothing at all when the queue is empty while -

Re: Fun and profit with mailq

2022-02-16 Thread @lbutlr
On 2022 Feb 16, at 09:44, Noel Jones wrote: > To put everything on hold, insert check_client_access static:hold in one of > your restrictions. Something like: > > smtpd_client_restrictions = > check_client_access static:hold > ... stuff you have already ... Thanks, this is perfect. Will start t

Multiple names for one mail server?

2022-02-25 Thread @lbutlr
Are there any issue with using multiple names for the same mail server? For example, I use mail.exampl.net as the FQDN for the mail sever, but if I have a hosted domain at example.com can I have its MX set to mail.example.com and point to the same IP without issue, or do I need to do something i

Re: Multiple names for one mail server?

2022-02-25 Thread @lbutlr
On 2022 Feb 25, at 08:12, post...@ptld.com wrote: > On 02-25-2022 9:10 am, @lbutlr wrote: >> For example, I use mail.exampl.net as the FQDN for the mail sever, >> but if I have a hosted domain at example.com can I have its MX set to >> mail.example.com and point to the

Re: Multiple names for one mail server?

2022-02-25 Thread @lbutlr
On 2022 Feb 25, at 08:55, Viktor Dukhovni wrote: > The moment TLS enters into the picture, you start to need much more > complicated certificate management to get MUAs to see an acceptable > certificate for its expected nameme on ports 587 and 465, Ah. Hmm. That does sound like a bit of a problem

Re: Multiple names for one mail server?

2022-02-25 Thread @lbutlr
On 2022 Feb 25, at 12:05, post...@ptld.com wrote: >> (The reason to do this is to make the move over seamless for the user of >> that domain, and that it how their previous host had the mail setup. >> Duplicating the setup means I do not have to go in and change the mail >> servers on every clie

Re: Multiple names for one mail server?

2022-02-27 Thread @lbutlr
On 2022 Feb 25, at 14:56, John Levine wrote: > When a client does a STARTTLS on a port 25 or 587 session, or at > connection time on a port 465 session, the mail server sends back a > certificate with the server name in it. If that name does not match > the name the client is expecting, various ba

Re: spam emails with "to:" line missing

2022-04-15 Thread @lbutlr
> On 2022 Apr 15, at 07:30, Benny Pedersen wrote: > > On 2022-04-15 10:47, Bernardo Reino wrote: > >> Many e-mails are sent to "BCC" lists, so they have no To: header (or >> have one with "undisclosed-recipients"). > > bcc does not remove or add to No, and that's not what what said. However

Re: spam emails with "to:" line missing

2022-04-19 Thread @lbutlr
On 2022 Apr 15, at 16:53, Viktor Dukhovni wrote: > On Fri, Apr 15, 2022 at 04:30:19PM -0600, @lbutlr wrote: > >> However, it is *very* common for a BBC email to have a To header with >> no email address in it at all, > > This violates RFC5322 and earlier versions. No

Re: Mail looping issue

2022-05-20 Thread @lbutlr
On 2022 May 19, at 12:56, Jeremy Hansen wrote: > I’m trying to do a ssh port forward of port 25 from my local mta to an aws > node so my mta doesn’t have to be directly on the routable internet. Why does your mta need port 25 at all if it's not routable? > I’m seeing an interesting problem due

Re: Migrate mbox from 2.6.6 to 3.5.6

2022-05-20 Thread @lbutlr
On 2022 May 20, at 08:24, Steffen Nurpmeso wrote: > Bill Cole wrote in > : > > |In fact, 'mbox' standardization is horrendous. One shouldn't have > > That was overcome with RFC 4155 in 2005. Hah! Good one! -- Competent? How are we going to compete with that?

Rejected mails in mailq

2022-06-15 Thread @lbutlr
Google has decided to reject some mails for a local user (mails in reply to gmail mails and to people they correspond with regularly, but that's not wha this email is about). 4LNYt002TPzPlrQ 77012 Wed Jun 15 09:59:16 (host alt1.gmail-smtp-in.l.google.com[142.250.152.27] said: 550-5.7.1 [6

Re: Rejected mails in mailq

2022-06-16 Thread @lbutlr
On 2022 Jun 16, at 02:01, Matus UHLAR - fantomas wrote: > On 15.06.22 16:35, @lbutlr wrote: >> Google has decided to reject some mails for a local user (mails in reply to >> gmail mails and to people they correspond with regularly, but that's not wha &g

Re: different message_size_limit per smtpd

2019-11-20 Thread @lbutlr
On 20 Nov 2019, at 08:16, Wietse Venema wrote: > A. Schulze: >> My goal is to allow different message size on MX and submission. >> As message_size_limit is a cleanup option, this is my (non working) setup >> based on http://www.postfix.org/BUILTIN_FILTER_README.html#mx_submission > The SMTP daem

Re: reject mail if dns and rdns differ

2019-11-21 Thread @lbutlr
On 13 Nov 2019, at 02:30, Matus UHLAR - fantomas wrote: > On 12.11.19 17:01, Viktor Dukhovni wrote: >> The correct way to verify that would be to resolve the EHLO name to >> an address, NOT to resolve the address to a name. This would then >> find no anomalies with: >> >> Received: from ehl

Re: reject mail if dns and rdns differ

2019-11-21 Thread @lbutlr
> On 21 Nov 2019, at 17:06, Jaroslaw Rafa wrote: > > Dnia 21.11.2019 o godz. 23:50:15 Gregory Heytings pisze: >> And there are various techniques (for example connection >> rate limits, response delays, greylisting) that prevent you from >> "accepting all mail" and that have zero false positiv

Re: Reject Chinese mail

2019-11-23 Thread @lbutlr
On 20 Nov 2019, at 21:51, merr...@fn.de wrote: > We did get a lot of spam messages from Chinese providers. We speak not > Chinese, do you think if it is possible to reject all mails from China? > Thanks This is what I do: In crontab for root: @reboot bash -c 'pfctl -t badguys -T add $(cat /usr

Re: Sieve vacation and smtp_sasl_password_maps

2019-11-23 Thread @lbutlr
On 23 Nov 2019, at 10:13, Gianni Angelozzi wrote: > Yes, I need smtp_sender_dependent_authentication because the upstream ISP > will only accept incoming mails from the authenticated user. That doesn’t imply a need for smtp_sender_dependent_authentication. That is needed, AIUI, when you have mu

Re: Sieve vacation and smtp_sasl_password_maps

2019-11-24 Thread @lbutlr
> On 24 Nov 2019, at 03:42, Gianni Angelozzi wrote: > > In my system I have 10 users. Each user has his own upstream account on the > ISP. If you mentioned that before, I missed it. > When I authenticate the SMTP connection, my ISP will only allow that user to > send the mail. Like, if I u

Pflogsummand nbzcat

2019-11-24 Thread @lbutlr
Is there a simpler way to do this (since bzcat can’t cat a text file) 👹 # bzcat mail.log.* > /tmp/mail.combined && cat mail.log >> /tmp/mail.combined 👹 # pflogsumm /tmp/mail.combined --detail 15 -- I've got a sonic screwdriver! Yeah? I've got a chair! ... Chairs *are* useful.

Re: Reject Chinese mail

2019-11-26 Thread @lbutlr
On 26 Nov 2019, at 19:00, 황병희 wrote: >> How about moving to Gmail(Google Apps)? Gmail's spam defense is not bad, i >> think. >> >> I disagree. It often labels mailing list email as spam, [...] > > Personally i read public mailing lists' messages by Gmane. Ugh. Just about the only reason I stil

Re: question on a SPF setting

2019-11-27 Thread @lbutlr
On 27 Nov 2019, at 00:15, Wesley Peng wrote: > -exists:%{ir}.spf.rambler.ru That expands to if the IP address (reverse check) plus /spf/rambler.ru exists… So, of you see a connection from 1.2.3.444 and 1.2.3.444.spf.rambler.ru exists, pass the spf check. -- Fairy Tales are more than true; n

Re: question on a SPF setting

2019-11-27 Thread @lbutlr
On 27 Nov 2019, at 16:31, @lbutlr wrote: > On 27 Nov 2019, at 00:15, Wesley Peng wrote: >> -exists:%{ir}.spf.rambler.ru > > That expands to if the IP address (reverse check) plus /spf/rambler.ru exists… > > So, of you see a connection from 1.2.3.444 and 1.2.3.444.spf.rambl

Recipient address rejected for recipient address in virtual

2019-12-02 Thread @lbutlr
I have an email address listed in virtual in the form ama...@kreme.com. kreme+ama...@kreme.com But when an email comes in to that address, I get Recipient address rejected: unverified address: Address lookup failed; # postmap -q ama...@kreme.com hash:/etc/postfix/virtual kreme+ama...@kreme.com

Re: Recipient address rejected for recipient address in virtual

2019-12-02 Thread @lbutlr
> On 02 Dec 2019, at 05:26, Matus UHLAR - fantomas wrote: > > On 02.12.19 05:21, @lbutlr wrote: >> I have an email address listed in virtual in the form >> >> ama...@kreme.com. kreme+ama...@kreme.com > > it that a trailing dot? Autocorrecting two spaces

Re: Recipient address rejected for recipient address in virtual

2019-12-02 Thread @lbutlr
On 02 Dec 2019, at 05:21, @lbutlr wrote: > But when an email comes in to that address, I get Recipient address rejected: > unverified address: Address lookup failed; > > # postmap -q ama...@kreme.com hash:/etc/postfix/virtual > kreme+ama...@kreme.com I have disabled reject_unver

Re: Recipient address rejected for recipient address in virtual

2019-12-02 Thread @lbutlr
On 02 Dec 2019, at 09:53, Bill Cole wrote: > On 2 Dec 2019, at 8:43, @lbutlr wrote: >> One difference is that the one that is failing changes the targeted local >> domain amazon@localdomain to kreme+ama...@kreme.com, if that matters. > > Virtual mailbox domains and virt

Re: Recipient address rejected for recipient address in virtual

2019-12-02 Thread @lbutlr
On 02 Dec 2019, at 09:47, Bill Cole wrote: > Have you considered doing as recommended at > http://www.postfix.org/DEBUG_README.html#mail to make it easier for us to > understand your issue? Logs, postconf output, postmap -q output, what am I missing? -- This above all, to thine own self be

Re: Recipient address rejected for recipient address in virtual

2019-12-03 Thread @lbutlr
On 02 Dec 2019, at 06:43, @lbutlr wrote: > status=bounced (host mail.covisp.net[private/dovecot-lmtp] said: 550 5.1.1 > User doesn't exist: ama...@covisp.net (in reply to RCPT > TO command)) I was able to mitigate this be creating another entry in virtual ama...@covisp.

Re: Recipient address rejected for recipient address in virtual

2019-12-03 Thread @lbutlr
On 02 Dec 2019, at 06:43, @lbutlr wrote: > status=bounced (host mail.covisp.net[private/dovecot-lmtp] said: 550 5.1.1 > User doesn't exist: ama...@covisp.net (in reply to RCPT > TO command)) I was able to mitigate this be creating another entry in virtual ama...@covisp.

Specific domain rejects address extensions

2019-12-03 Thread @lbutlr
I have several domains, all of which have addresses with address delimiters in use. One domain is rejecting all addresses with address extensions in the lmtpd stage (after passing in smtpd). All the domains are in a single sql database and I do not see any differences in the sql definition for

Re: Specific domain rejects address extensions

2019-12-04 Thread @lbutlr
On 03 Dec 2019, at 15:27, @lbutlr wrote: > I have several domains, all of which have addresses with address delimiters > in use. One domain is rejecting all addresses with address extensions in the > lmtpd stage (after passing in smtpd). # postconf -n alias_database = hash:$config_

Re: Specific domain rejects address extensions

2019-12-04 Thread @lbutlr
On 04 Dec 2019, at 09:52, Viktor Dukhovni wrote: >$ config_directory=$(postconf config_directory) >$ maps="proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf > hash:$config_directory/virtual" >$ postmap -q ama...@myvirtualdomain.tld $maps Aha! I was only checking virtual inste

Re: config check

2019-12-09 Thread @lbutlr
> On 09 Dec 2019, at 00:17, Felix Rubio wrote: > > Allow unencrypted/unauthenticated users to submit mail from local > (127.0.0.x) connections There is no need for this, and it is dangerous. Just because a connection is local doesn’t mean it is trustworthy. >mynetworks = 127.0.0.0/24,

Re: Postfix header_checks not working: Invalid preceding regular expression

2019-12-09 Thread @lbutlr
On 09 Dec 2019, at 07:12, Simone Marchioni wrote: > I have a problem with Postfix. Recently we are receiving mail messages with > malformed "From:" headers as these: > > From: "Name Surname " > From: "u...@good-domain.com" There is nothing malformed about these headers. -- A closed mouth

Re: config check

2019-12-09 Thread @lbutlr
On 09 Dec 2019, at 13:54, Viktor Dukhovni wrote: > On Dec 9, 2019, at 3:38 PM, LuKreme wrote: >> The configuration as posted, and specifically the line I quoted directly >> above my comment, allowed unauthenticated traffic from anything on the LAN. >> This means random printers, IOT devices, an

Re: DMARC usage opinion

2019-12-17 Thread @lbutlr
On 17 Dec 2019, at 06:14, Roberto Carna wrote: > I have a Postfix server and I have SPF and DKIM TXT records in my DNS. > Everything works OK. Good. You might look into DNSSEC as well if you haven’;t done that. The setup is a bit tricky butane it’s setup it just works. > But now I want to impl

Re: Mail shows being queued, but not in queue

2019-12-26 Thread @lbutlr
On 26 Dec 2019, at 09:18, LuKreme wrote: > postconf-n Sorry, `postconf -n` I was typing on my iPad and didn’t notice the lack of a space. This is what is in my postconf -n that seems most relevant to your situation: dovecot_destination_recipient_limit = 1 smtpd_sasl_type = dovecot virtual_tran

Re: Postfix Maildir problems

2019-12-28 Thread @lbutlr
On 28 Dec 2019, at 14:54, Richard Rasker wrote: > Everything went very smooth, and everything works (sending mail, receiving > mail, authentication, certificates, IMAP folders showing in the mail client > (Thunderbird)) -- except for the very last thing: received mail ends up in > /var/spool/ma

Re: Mail rejected with 5.7.1 HDR9020 Date header is in the distant future

2020-01-06 Thread @lbutlr
On 06 Jan 2020, at 13:18, Wietse Venema wrote: >> As my mail provider has told me they updated it to 2030, This is ridiculous. It is trivial to automate this by generating a header check dynamically based on the current UTC date, so doing this “by hand” and setting something up that allows an

Re: Multiple tables for check_sender_access

2020-01-11 Thread @lbutlr
On 11 Jan 2020, at 02:25, azu...@pobox.sk wrote: > smtpd_sender_restrictions = > reject_non_fqdn_sender > check_sasl_access hash:/etc/postfix/sasl_access > check_sasl_access hash:/etc/postfix/sasl_access_2 > reject_sender_login_mismatch That should work just fine. What errors did you get?

Re: ISP open relay

2020-01-13 Thread @lbutlr
On 13 Jan 2020, at 07:58, Jaroslaw Rafa wrote: > You were forced to use ports 587 or 465 for outgoing mail. Yes, that is a sensible ISP. -- And she was lying in the grass And she could hear the highway breathing And she could see a nearby factory She's making sure she is not d

Re: Port 25 closed on bulk sending servers

2020-01-15 Thread @lbutlr
On 15 Jan 2020, at 05:56, Sam Tuke wrote: > I noticed that newsletters which I receive from large firms are typically > sent from servers which have port 25 closed. And this is an issue why? > Is it common practice to close port 25 on bulk sending servers? Should we do > this for Postfix serve

Re: Bounce mails manually

2020-01-15 Thread @lbutlr
On 15 Jan 2020, at 15:12, Noel Jones wrote: > We've had problems with users mistyping domain names, such as hotmal.com or > aoil.com. And they ignore the delay warning message because they still don't > notice their typo. Then they get the bounce when the max queue expires. The messages in the

Re: Bounce mails manually

2020-01-15 Thread @lbutlr
On 15 Jan 2020, at 16:11, @lbutlr wrote: > There is only so much diaper-changing you can do for your users. Sorry, one other thing I wanted to add. You have no control over mail DELIVERY to any domain that is not under your control. Even if everything in the headers is perfectly correct

Re: Bounce mails manually

2020-01-16 Thread @lbutlr
On 16 Jan 2020, at 00:02, azu...@pobox.sk wrote: > Citát "@lbutlr" : > >> On 15 Jan 2020, at 15:12, Noel Jones wrote: >>> We've had problems with users mistyping domain names, such as hotmal.com or >>> aoil.com. And they ignore the delay warning

Re: Bounce mails manually

2020-01-16 Thread @lbutlr
On 16 Jan 2020, at 09:35, Noel Jones wrote: > On 1/16/2020 3:19 AM, @lbutlr wrote: > >>> : Domain hotmal.com does not accept mail (nullMX) >> So perhaps THIS is the issue on your server, you are not respecting nullMX >> replies? > > Of course not. It's a

Re: Bounce mails manually

2020-01-18 Thread @lbutlr
On 17 Jan 2020, at 02:02, Jaroslaw Rafa wrote: > Dnia 16.01.2020 o godz. 15:46:31 @lbutlr pisze: >> >> Recheck? What do you mean> there is no rechecking the VALID domain is looked >> up, it does not have an MX record, so postfix does not attempt to deliver it >&g

Double delimiter?

2020-01-23 Thread @lbutlr
What is the expected behavior for an email with a double delimiter? user+foo+...@example.com It /looks/ like postfix has no issue with this, but treats neither foo nor bar as an address extension. (Dovecot says the extension is “foo+bar”) -- "Those people who think they know everything are

Re: Double delimiter?

2020-01-24 Thread @lbutlr
On 23 Jan 2020, at 16:49, Viktor Dukhovni wrote: > On Thu, Jan 23, 2020 at 04:39:40PM -0700, @lbutlr wrote: > >> What is the expected behavior for an email with a double delimiter? >> >> user+foo+...@example.com > > The base portion of the address is &qu

Re: Yahoo rate limit (again...)

2020-01-27 Thread @lbutlr
On 26 Jan 2020, at 23:19, gaia45500 wrote: > Many thanks for your explanations and your patience. While you have solved one problem, for now, you will almost certainly continue to have problems with yahoo because they are really bad at email. -- "Oh damn", said Maladict.

Re: auth=0/1

2020-01-27 Thread @lbutlr
On 27 Jan 2020, at 06:42, Bill Cole wrote: > It means that they attempted authentication 1 time but failed. > >> Sometimes I see auth=0/2 or auth=0/3. > > Which means they tried 2 or 3 times. Hmm. I see blocks like these throughout my logs: Jan 27 11:40:25 mail postfix/submit/smtpd[62764]: co

Re: Yahoo rate limit (again...)

2020-01-27 Thread @lbutlr
On 27 Jan 2020, at 10:41, James Moe wrote: > On 2020-01-26 12:57 PM, Emmanuel BILLOT wrote: > >> status=deferred (host mx-eu.mail.am0.yahoodns.net >> Messages from X.X.X.X temporarily deferred due to user complaints > It would seem you recipients do not appreciate your "massive" newsletter. >

Re: auth=0/1

2020-01-27 Thread @lbutlr
On 27 Jan 2020, at 12:42, Bill Cole wrote: > Right, because they are only trying to authenticate once per connection and > dropping the connection. If they had tried to authenticate 2 times on the > same connection, there would be one 'disconnect from' line with 'auth=0/2’ Ah, that does make

Re: How to restrict imposters

2020-02-18 Thread @lbutlr
On 18 Feb 2020, at 13:48, a wrote: > I looked around online to try to see examples to stop this but haven't found > any yet. Maybe I'm missing something simple. > > My postfix server does allow incoming connections from the outside world to > deliver mail to mailboxes on my server which is wha

Re: should we use plaintext for message?

2020-03-20 Thread @lbutlr
On 19 Mar 2020, at 00:16, Philip Paeps wrote: > On 2020-03-18 09:51:45 (+0800), Wesley Peng wrote: >> Following this guide: >> https://useplaintext.email/ >> >> Shall we use plaintext message in regular email communication? > > You should use what the content of the message needs modulo your rec

Re: Gmail and spam, a request

2020-03-20 Thread @lbutlr
On 20 Mar 2020, at 07:34, Jaroslaw Rafa wrote: > Currently I have an issue (again; the previous one from a few months ago was > resolved) with my messages sent to Gmail users - they are put into > recipients' Spam folders. I managed to actually reach someone at Google, > who told me that this is d

Re: [OT] looking for a good mobile MUA

2020-03-29 Thread @lbutlr
On 21 Mar 2020, at 03:25, Wesley Peng wrote: > But for mobile (I primarily use iOS) I’ve used a lot of mail clients on iOS and I always end up back on the included Mail.app. Many of the 3rd party ones require giving the developer access to my mail (that’s not happening) and the rest offer some

Re: Postfix as a backup MX

2020-03-29 Thread @lbutlr
On 28 Mar 2020, at 20:26, Linda Pagillo wrote: > I want to set up Postfix as a backup MX for a few of my Windows-based mail > servers. I have never done this before so I have been researching to see what > I could find. Reconsider. Backup MX servers are fiddly to maintain and work best when t

pflogsumm error.

2020-03-30 Thread @lbutlr
When running pflogsumm I am getting many error like this: Use of uninitialized value $domain in string eq at /usr/local/bin/pflogsumm line 1546, <> line 283375. Use of uninitialized value $domain in substitution (s///) at /usr/local/bin/pflogsumm line 1552, <> line 283375. # awk '{if(NR==283375

Re: pflogsumm error.

2020-03-30 Thread @lbutlr
On 30 Mar 2020, at 15:53, Wietse Venema wrote: > Does the error change if reverse the file order? I put then in order {postscreen, delivery, mail} and also {delivery, postscreen, mail} and no difference, but all the logs are piped to sort before being redirected to the file that pflogsumm proce

Re: pflogsumm error.

2020-04-03 Thread @lbutlr
On 31 Mar 2020, at 07:43, Matus UHLAR - fantomas wrote: > On 30.03.20 14:27, @lbutlr wrote: >> When running pflogsumm I am getting many error like this: >> >> Use of uninitialized value $domain in string eq at /usr/local/bin/pflogsumm >> line 1546, <> line 2833

Rejecting emails based on address extension?

2020-04-08 Thread @lbutlr
Given an email address of user+ama...@example.com how can I reject all emails to that address that do not come from amazon.com? I think I did something like this once but if I did, I didn’t keep notes. :/ -- Nihil est--in vita priore ego imperator Romanus fui.

Re: Rejecting emails based on address extension?

2020-04-08 Thread @lbutlr
On 08 Apr 2020, at 17:16, Allen Coates wrote: > On 09/04/2020 00:01, @lbutlr wrote: >> Given an email address of user+ama...@example.com how can I reject all >> emails to that address that do not come from amazon.com? >> >> I think I did something like this once

Re: Rejecting emails based on address extension?

2020-04-10 Thread @lbutlr
On 08 Apr 2020, at 22:43, Bill Cole wrote: > As a result, I reject all mail with a sender that matches 'bounce@' aimed at > 'b...@scconsult.com' which is an address that has been exposed for 25 years > in Usenet but never used for any sort of subscription or transaction. One > could just as ea

Re: Rejecting emails based on address extension?

2020-04-10 Thread @lbutlr
On 08 Apr 2020, at 17:01, @lbutlr wrote: > Given an email address of user+ama...@example.com how can I reject all emails > to that address that do not come from amazon.com? I realize after ready this whole thread that I phrased this poorly and incompletely. Yes, I want to reject all em

Re: Possible header_check solution?

2020-04-16 Thread @lbutlr
On 14 Apr 2020, at 11:42, Rick King wrote: > We were thinking using a header_check rule, something like this; but didn't > work due to the "backtracking limit exceeded" warning. The From: header is entirely valid, and the issue is the user’s MUA is not showing the full header (in an effort to

Re: PATCH: Glibc-2.31 DNSSEC and GCC 10

2020-04-16 Thread @lbutlr
On 16 Apr 2020, at 13:27, Wietse Venema wrote: > Any 'improvements' in Postfix DNSSEC support will have to be developed > in the Postfix 3.6 release cycle. The results from those 'improvements' > will never be merged back into Postfix 3.5 and earlier. Is this planned for 3.6, or are you speaking

Re: PATCH: Glibc-2.31 DNSSEC and GCC 10

2020-04-19 Thread @lbutlr
On 18 Apr 2020, at 11:04, Rich Felker wrote: > It's not security theater because nobody's claiming it's secure. > Rather it's a fairly weak form of hardening that increases the > required capabilities an attacker needs to exploit a known-insecure > system. It is secure in the sense that the commu

Re: PATCH: Glibc-2.31 DNSSEC and GCC 10

2020-04-19 Thread @lbutlr
On 19 Apr 2020, at 12:16, @lbutlr wrote: > It is secure Sorry, I thought this was Opportunistic TLS. -- I mistook thee for thy better Hamlet Act III scene 4

Re: AUTH Messages in log

2020-04-30 Thread @lbutlr
On 30 Apr 2020, at 10:52, Keith wrote: > Using version 3.2.2 under FreeBSD 11. The current version of 3.2 is 3.2.12, so update at least to that. > There are a lot of this in the log as bots etc try to AUTH on port 25. Is > there a way to turn this off or at least not have it scattered in the log

Re: filtering locally submitted emails / tidying up the config

2020-05-04 Thread @lbutlr
On 02 May 2020, at 10:56, Patrick Proniewski wrote: > milter-greylist You might want to read the list archives for recent (last five years?) threads on greylisting. -- Well, if crime fighters fight crime and fire fighters fight fire, what do freedom fighters fight? They never mention

Re: Relay access denied if mysql table is used

2020-05-04 Thread @lbutlr
On 04 May 2020, at 13:08, Robert Nemet wrote: > > virtual_mailbox_domains = > proxy:mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf What is in mysql-virtual-mailbox-domains.cf? > virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf > proxy:mysql:/etc/postfix/mysq

Re: easiest way to reject/process emails based on Return Path

2020-05-07 Thread @lbutlr
On 07 May 2020, at 19:31, yuv wrote: > I am operating a smallish postfix server for my law office. Many of > our contacts use Google's calendar, and when they enter one of our > email addresses into their calendar entries, we receive a flood of > annoying emails. Invitations / reminders / update

Re: BCC on local delivery agent?

2020-05-08 Thread @lbutlr
On 08 May 2020, at 02:54, Admin Beckspaced wrote: > ups ... I think I can answer my own question? > Why is it that the answer mostly comes once the email has been sent ;) Because if it came before, you wouldn’t sent the message! (90% of the email questions I write are never sent, hard to believe

Re: Postfix "IPv6-only" - experience/recommendation question

2020-05-12 Thread @lbutlr
On 11 May 2020, at 04:24, Jaroslaw Rafa wrote: > Someone told me… that Google is more likely to classify email from small > senders as spam if they are sent via IPv6, and less likely if they are sent > via IPv4. Short of Google publishing this information, I doubt that anyone knows this, and s

Re: TLS problem: no shared cipher?

2020-05-17 Thread @lbutlr
> On 15 May 2020, at 10:18, Roland Freikamp > wrote: > > Hi, > > I recently upgraded my mailserver-linux-system, which also upgraded Postfix > from 3.4.6 to 3.4.9, and renewed the TLS-certificates (Let's Encrypt). > The Postfix-configuration did not change. > Since then, some mails could not

Re: Preferred/maintained greylisting options?

2020-05-24 Thread @lbutlr
On 21 May 2020, at 12:49, Charles Sprickman wrote: > I was wondering if greylisting might be a good option here. It's a matter of how much Nanking you are willing to do and how much legitimate mail your are willing to lose. The usual method of greylisting where you tell a server to try again la

Re: noreply email technisch und für Empfänger zum Ausdruck bringen

2020-05-24 Thread @lbutlr
On 23 May 2020, at 08:52, Thomas wrote: > or The norm is to use an address along the lines you describe there. I use no-reply@. Emails to that address are accepted and discarded. Do not use a fake domain or someone else's domain, of course. You can certainly have the address be invalid so it

Re: noreply email technisch und für Empfänger zum Ausdruck bringen

2020-05-27 Thread @lbutlr
On 25 May 2020, at 11:47, Thomas wrote: > OK, I use now unkńown user NOREPLY > NOREPLY As I said, use a valid domain THAT YOU CONTROL. Do not create a fake address with someone else's domain. Do not use mudomain.com because you neither own nor control mydomain.com and do not use mydoamin.com

Re: Uninstalling postgrey

2020-05-27 Thread @lbutlr
On 24 May 2020, at 19:04, Ian Evans wrote: > Based on another thread here, I want to move to using postscreen/postwhite > and ditch postgrey. > > Just want to make sure I don't bungle stopping postgrey. > > So... > > - edit main.cf and remove "check_policy_service inet:127.0.0.1:10023" from

Re: Postfix -> Whatapp

2020-05-27 Thread @lbutlr
On 26 May 2020, at 13:24, J Doe wrote: > You may want to investigate doing this at the MDA. If you run Dovecot in > conjunction with Postfix, you could write a Sieve script that calls a shell > script that then sends the notification to whatever third-party service you > would like. I used to

Re: Preferred/maintained greylisting options?

2020-05-27 Thread @lbutlr
On 26 May 2020, at 15:11, Marvin Renich wrote: > However, when I first set up greylisting on my family email server (it > was exim way back then, but has long been postfix), I set it up so that > all incoming mail was sent through spamassassin _during_ SMTP, prior to > accept or reject. Mail with

Re: Different smtp gateway for domain

2020-05-27 Thread @lbutlr
On 27 May 2020, at 09:53, Matteo Cazzador wrote: > > example1.com smtp:gw1.gateway.com > example2.com smtp:gw2.gateway.com > example3.com smtp:gw3.gateway.com > > than i use make "postmap transport". And then you reload postfix? -- "The sad thing about true stupidity is that you

Re: noreply email technisch und für Empfänger zum Ausdruck bringen

2020-05-28 Thread @lbutlr
On 28 May 2020, at 15:29, Thomas wrote: > I of cource use my own domain where I pay for. Yes, but read the rest of what I wrote, especially the parts I've highlighted: Do not create a fake address with someone else's domain. Do not use mudomain.com because you neither own nor control mydomain.c

Re: noreply email technisch und für Empfänger zum Ausdruck bringen

2020-05-28 Thread @lbutlr
On 28 May 2020, at 15:59, Thomas wrote: > Am 28.05.20 um 23:48 schrieb @lbutlr: >> On 28 May 2020, at 15:29, Thomas wrote: >>> I of cource use my own domain where I pay for. >> Yes, but read the rest of what I wrote, especially the parts I've >> highlighted: &

Re: smtp servers port

2020-05-29 Thread @lbutlr
On 29 May 2020, at 08:19, Istvan Prosinger wrote: > 587 is so called submission, it's for communication between client <-> server Client to server, but not server to client. -- "A common mistake people make when trying to design something completely foolproof is to underestimate the i

  1   2   3   4   5   6   7   >